Lucene search
K

227 matches found

Cvelist
Cvelist
added 2013/05/08 10:0 a.m.21 views

CVE-2013-3507

The NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to obtain sensitive information via a direct request for 1 a configuration file, 2 a database dump, or 3 the Tomcat status context...

5.8AI score0.01337EPSS
Exploits0References3
CVE
CVE
added 2013/05/08 10:0 a.m.48 views

CVE-2013-3507

The CVE-2013-3507 issue affects GroundWork Monitor Enterprise 6.7.0 via the NeDi component. The vulnerability allows remote authenticated users to disclose sensitive information by directly requesting one of three resources: (1) a configuration file, (2) a database dump, or (3) the Tomcat status ...

4CVSS5.9AI score0.01337EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/05/08 10:0 a.m.30 views

CVE-2013-3508

html/System-Files.php in the System File Overview feature in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands via vectors involving file editing...

7.1AI score0.01969EPSS
Exploits0References3
CVE
CVE
added 2013/05/08 10:0 a.m.44 views

CVE-2013-3509

CVE-2013-3509 affects GroundWork Monitor Enterprise 6.7.0 (NeDi component). The issue is in html/System-NeDi.php: remote authenticated users can execute arbitrary commands via shell metacharacters in the scan functionality under System/NeDi. Impact details are not expanded beyond the description ...

6.5CVSS7.5AI score0.019EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/05/08 10:0 a.m.44 views

CVE-2013-3511

The connected documents confirm an open redirect vulnerability in the NeDi component of GroundWork Monitor Enterprise 6.7.0. Impact described as attackers redirecting users to arbitrary sites, enabling phishing via unspecified vectors. No concrete remediation steps or affected version details bey...

5.8CVSS6.9AI score0.01341EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2013/03/11 12:0 a.m.110 views

SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2)

SEC Consult Vulnerability Lab Security Advisory 20130308-1 ======================================================================= title: Multiple high risk vulnerabilities part 2 product: GroundWork Monitor Enterprise vulnerable version: 6.7.0 fixed version: none - optional technical bulletin...

0.4AI score
Exploits0
0day.today
0day.today
added 2013/03/09 12:0 a.m.43 views

GroundWork Monitor Enterprise 6.7.0 SQL Injection / Command Execution

GroundWork Monitor Enterprise version 6.7.0 suffers from remote SQL injection, file disclosure, command injection, and cross site scripting vulnerabilities. This is the second of two advisories documenting all the issues in GroundWork. Detailed proof of concepts were removed by the author because...

7.3AI score
Exploits0
Rows per page
Query Builder